GSSAPI mechanism now fully working with encryption

src/gssapi_mechanism_base.hpp

@@ -29,8 +29,9 @@ namespace zmq
 
     class msg_t;
 
-    /// Both gssapi_server and gssapi_client need to produce and process
-    /// GSSAPI tokens.  Common implementation is captured here.
+    /// Commonalities between clients and servers are captured here.
+    /// For example, clients and server both need to produce and
+    /// process INITIATE and MESSAGE commands.
     class gssapi_mechanism_base_t
     {
     public:
@@ -38,42 +39,55 @@ namespace zmq
         virtual ~gssapi_mechanism_base_t () = 0;
 
     protected:
-        /// Produce a security context initialization token
-        int produce_token (msg_t *msg_, int flags_, void *token_value_, size_t token_length_);
-        /// Process a security context initialization token
-        int process_token (msg_t *msg_, int &flags_, void **token_value_, size_t &token_length_);
-        /// Produce a wrapped message using the established security context
-        int produce_message (msg_t *msg_);
-        /// Process a wrapped message using the established security context
-        int process_message (msg_t *msg_);
+        /// Produce an INITIATE during security context initialization
+        int produce_initiate (msg_t *msg_, void *data_, size_t data_len_);
+        /// Process an INITIATE during  security context initialization
+        int process_initiate (msg_t *msg_, void **data_, size_t &data_len_);
+        /// Encode a MESSAGE using the established security context
+        int encode_message (msg_t *msg_);
+        /// Decode a MESSAGE using the established security context
+        int decode_message (msg_t *msg_);
         /// Acquire security context credentials
-        static int acquire_credentials (char * service_name_, gss_cred_id_t * cred_);
+        static int acquire_credentials (char * service_name_,
+                                        gss_cred_id_t * cred_);
 
     protected:
-        const static int TOKEN_NOOP         = (1<<0);
-        const static int TOKEN_CONTEXT      = (1<<1);
-        const static int TOKEN_DATA         = (1<<2);
-        const static int TOKEN_MIC          = (1<<3);
-        const static int TOKEN_CONTEXT_NEXT = (1<<4);
-        const static int TOKEN_WRAPPED      = (1<<5);
-        const static int TOKEN_ENCRYPTED    = (1<<6);
-        const static int TOKEN_SEND_MIC     = (1<<7);
-        
+        /// Opaque GSSAPI token for outgoing data
         gss_buffer_desc send_tok;
+        
+        /// Opaque GSSAPI token for incoming data
         gss_buffer_desc recv_tok;
-        gss_buffer_desc in_buf;
+        
+        /// Opaque GSSAPI representation of service_name
         gss_name_t target_name;
+        
+        /// Human-readable service principal name
         char * service_name;
+
+        /// Status code returned by GSSAPI functions
         OM_uint32 maj_stat;
+
+        /// Status code returned by the underlying mechanism
         OM_uint32 min_stat;
+
+        /// Status code returned by the underlying mechanism
+        /// during context initialization
         OM_uint32 init_sec_min_stat;
+
+        /// Flags returned by GSSAPI (ignored)
         OM_uint32 ret_flags;
+        
+        /// Flags returned by GSSAPI (ignored)
         OM_uint32 gss_flags;
-        int token_flags;
+        
+        /// Credentials used to establish security context
         gss_cred_id_t cred;
+
+        /// Opaque GSSAPI representation of the security context
         gss_ctx_id_t context;
     };
 
 }
-
+    
 #endif
+